If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Using TOR and other proxy servers

This is for people with broadband connections (cable, ADSL)
This is my little tutorial/guide on how to use TOR for windows XP. I did this actually because its raining outside and IM bored. Lets begin.
This is for Windows XP with IE6 or IE7 firefox same setup (basically)

Go to http://tor.eff.org/download.html.en and download the bundle which consists of Tor & Privoxy & Vidalia bundle: 0.1.1.26 (sig), 0.1.2.12-rc (sig).
Download it, and save it on your system. Next, run it and install it on your system. After you click 'finish' the white privoxy window will display. Keep this window open just minimize it.

Next, is Vidalia (GUI for TOR) the icon, in the system tray which is a little grey icon for TOR, before starting Vidalia lets configure our web browser. If your running IE6 OR IE7 use this configuration setup. For additional security, I would recommend disabling cookies in your web browser before configuring TOR to work with your web browser.

Open IE go to tools, internet options, click on connections tab, click on LAN settings below, place a check in 'Use a proxy Server,' leave those two white fields blank. Next, click on the advanced button:
Under 'Proxy address to use'
Under HTTP: enter localhost port 8118
Under SECURE: localhost port 8118
under FTP: localhost port 8118
Under Gopher: leave the field blank.
under SOCKS: localhost port 9050
Do not check "use the same proxy server for all protocols" also leave the bottom box blank. Click on OK. and OK and OK. This will close it.
Now go to start, all programs, click on TOR, this will bring up a command prompt box: saying something similiar;

Minimize this box or close it.
Next, right click on the grey icon (tor) and go to start. It should now have a green onion instead of the grey icon. To see if TOR is successfully installed go to www.ipchicken.com or www.ip2location.com and see what it IP address it detects. Or you can open command prompt an issue netstat -ano and look for the established connections. Or you can open comand prompt and issue netsh diag connect ieproxy

Just a little FYI, Tor uses SSL to encrypt all data, and doesn't even leak DNS requests, unlike some proxy servers. As long as it's configured properly and using an appropriate proxy (such as Privoxy, which comes in the bundle).
TOR cannot offer 100% total anonmity so If the connection to the website is not secure (e.g https) then the last gateway will be able to see (and potentially sniff) all traffic.
Thus, it is vitally important when using TOR to check the server certificates and only use encrypted protocols (pop3-ssl, https) if you are logging in.
However, it is true that communication between nodes is encrypted so an intermediate node cannot intercept it.

---------------------------------------------------------------------
Another way to use a proxy server to assist in your web surfing a website proxy server such as www.hidemyass.com where you enter the website you want to visit in the field provided. It will connect to them with their information instead of yours. Again, disabling cookies in your web browser first before configuring TOR to work with your web browser.
--------------------------------------------------------------------
Another method is to use a public proxy server from sites such as http://www.publicproxyservers.com/page1.html
I perfer to use a proxy server from this site but in another country, and perferrably a so called* high anonymity* proxy server running on port 8080.
To do this Open IE go to tools, internet options, click on connections tab, click on LAN settings below, place a check in 'Use a proxy Server,' this time fill in the two white fields with any of the proxy servers from this site or any proxy site. Hit OK and OK. Go to www.ipchicken.com and see what IP address it detects.

If you are using firefox with tor, then just be careful which plugins you have enabled. As shattereddoul mentioned, torpark is a good way to get around your extensions giving up your identity.

I can think of a couple of extensions off the top of my head that would help to blow your cover. forecast fox will give up your zip code. foxmarks will give up your userid for syncing bookmarks. I'd think that the foxmarks servers would also have logs of what other IPs you're syncing from...

That said, there are other applications on your computer that may "phone home" using the IE connection settings. Do you have the weatherbug installed? What about AV programs that may have to reach the internet for updates but also send subscription to verify the product still has support?

BTW: A lot of IDS and firewalls will alert to tor being used. A security admin at a company may want to block proxies such as tor so users can't bypass the content filtering system. I know it is blocked where I work... and the bleeding snort rules go crazy when it detects connection attempts to the tor network. Depending on the placement of the the IDS sensors, alerts will still go off even if the connection attempt fails due to a firewall blocking it.

Last edited by phishphreek; April 16th, 2007 at 12:14 PM.

Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

The rc build is a newer build (release candidate). The other is the current GA build. I tend to play with RC builds but it should be clear that you only need to download one or the other, not both.

BTW: A lot of IDS and firewalls will alert to tor being used. A security admin at a company may want to block proxies such as tor so users can't bypass the content filtering system. I know it is blocked where I work... and the bleeding snort rules go crazy when it detects connection attempts to the tor network. Depending on the placement of the the IDS sensors, alerts will still go off even if the connection attempt fails due to a firewall blocking it.

We know the *second* someone attempts to fire up TOR.
--TH13

Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

Why is that? Do they see TOR as a threat or just something to take notice and be concered of? Average users do not know how to setup or configure TOR.

I know it is blocked where I work... and the bleeding snort rules go crazy when it detects connection attempts to the tor network. Depending on the placement of the the IDS sensors, alerts will still go off even if the connection attempt fails due to a firewall blocking it.

What do the alerts look like? I never setup or used snort so I don't know.

We look for the protocol on our wire at the network choke point and if seen, fire rains down from the sky.

Which protocol exactly? Also, does websites do this aswell or just networks? Websites have applications that can detect when someone is using tor but is their a way to spoof the protocol or use a protocol cleaner like program to assist with this? Not that Im trying to dodge any IDS or bypass security or anything like that but find this interesting.

We block tor and try to detect it because it has no place in a workplace like mine. It can be used to bypass content filtering systems, run hidden services and if configured as a router... use bandidth and serve up those hidden services.

Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.